BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI
- [remote] PCMan FTP Server 2.0.7 - Buffer Overflow
- [webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
- [local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit
- [remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
- [remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection
- [webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
- [remote] WebDAV Windows 10 - Remote Code Execution (RCE)
- [local] Microsoft Excel Use After Free - Local Code Execution
- [remote] Windows File Explorer Windows 10 Pro x64 - TAR Extraction
Hackers Use XWorm RAT to Exploit Script Kiddies, Pwning 18,000 Devices
/in General NewsCrooks pwning crooks – Hackers exploit script kiddies with XWorm RAT, compromising 18,000+ devices globally and stealing sensitive…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
The top 10 brands exploited in phishing attacks – and how to protect yourself
/in General NewsImpersonating a well-known brand is an easy way for scammers to get people to click their malicious links. Here’s what to watch for.
Latest stories for ZDNET in Security – Read More
Subaru Starlink Vulnerability Exposed Cars to Remote Hacking
/in General NewsA vulnerability in Subaru’s Starlink connected vehicle service exposed US, Canada, and Japan vehicle and customer accounts.
The post Subaru Starlink Vulnerability Exposed Cars to Remote Hacking appeared first on SecurityWeek.
SecurityWeek – Read More
The best password managers for businesses in 2025: Expert tested
/in General NewsThese are the best password managers for businesses on the market, whether you own a small business or need an enterprise-grade security solution.
Latest stories for ZDNET in Security – Read More
Strengthening Our National Security in the AI Era
/in General NewsFor the first time in a long while, the federal government and the software sector alike finally have the tools and resources needed to do security well — consistently and cost-effectively.
darkreading – Read More
RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations
/in General NewsA group of academics has disclosed details of over 100 security vulnerabilities impacting LTE and 5G implementations that could be exploited by an attacker to disrupt access to service and even gain a foothold into the cellular core network.
The 119 vulnerabilities, assigned 97 unique CVE identifiers, span seven LTE implementations – Open5GS, Magma, OpenAirInterface, Athonet, SD-Core, NextEPC,
The Hacker News – Read More
2025 State of SaaS Backup and Recovery Report
/in General NewsThe modern workplace has undergone a seismic transformation over recent years, with hybrid work becoming the norm and businesses rapidly adopting cloud-based Software-as-a-Service (SaaS) applications to facilitate it. SaaS applications like Microsoft 365 and Google Workspace have now become the backbone of business operations, enabling seamless collaboration and productivity. However, this
The Hacker News – Read More
DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations
/in General NewsThe U.S. Department of Justice (DoJ) on Thursday indicted two North Korean nationals, a Mexican national, and two of its own citizens for their alleged involvement in the ongoing fraudulent information technology (IT) worker scheme that seeks to generate revenue for the Democratic People’s Republic of Korea (DPRK) in violation of international sanctions.
The action targets Jin Sung-Il (진성일), Pak
The Hacker News – Read More
US indicts five individuals in crackdown on North Korea’s illicit IT workforce
/in General NewsThe multi-year scheme saw the defendants generate hundreds of thousands in revenue.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Android’s New Identity Check Feature Locks Device Settings Outside Trusted Locations
/in General NewsGoogle has launched a new feature called Identity Check for supported Android devices that locks sensitive settings behind biometric authentication when outside of trusted locations.
“When you turn on Identity Check, your device will require explicit biometric authentication to access certain sensitive resources when you’re outside of trusted locations,” Google said in a post announcing the
The Hacker News – Read More